UN1X00

About

Username
UN1X00
Joined
Visits
219
Last Active
Roles
Member

Comments

  • This is amazing news, currently studying for OSCP, It is a nightmare waiting for OSCP style boxes to be in the 20 active retired boxes.
  • I'm smashing my head against a wall here, had a user shell earlier and grabbed the user.txt however must have been lucky - I've spent 2 hours trying to replicate the exploit with no luck.
  • This is the best box I have EVER done. Thanks so much. Great for us network engineers.
    in Carrier Comment by UN1X00 January 2019
  • I have inject commands via RCE, so I have the user.txt flag, but still haven't managed to get a reverse shell, can some one point me in the right direction, have spent 7 days on this.
    in Carrier Comment by UN1X00 January 2019
  • (Quote) I have sorted it now, PM if you need I have root.
    in Chaos Comment by UN1X00 January 2019
  • This machine is going to be the death of me, have never taken so long on a box, embarrassing. I can't break out the rbash shell - ARGHHH
    in Chaos Comment by UN1X00 January 2019
  • I have been on this box for 3 days now, jumping through each hoop as they come. I am now on the part after decrypting sed file, not sure where to go, but after about 5-6 steps I feel no closer to even a user.
    in Chaos Comment by UN1X00 January 2019
  • I too am banging my head against a wall with privesc. Edit. Okay, I am still stuck here, no idea what this command people are talking about is. :anguished:
    in Access Comment by UN1X00 January 2019
  • I am really enjoying this box, so far managed to get low level shell in 15-20 mins, the user escalation was pretty simple for me, I have just completed the "overthewire" bandit tutorials, and the file type jogged my memory straight away, s…
    in Curling Comment by UN1X00 January 2019
  • I have the hype_key, but not sure how you have all worked outs its RSA. It doens't look like RSA Oh, forget that. I worked it out. STUPID.
    in Valentine Comment by UN1X00 May 2018
  • (Quote) I wrote the file on my local machine, put in on the RHOST. I managed to go from boot to root in 1 hour 20 mins, very happy with this box.
  • (Quote) No problem.
  • Guys. If you’re struggling to crack the hash your syntax for the tools are wrong. You can crack this hash in 30-90 seconds with the correct syntax. You need to give the tools what they need. 1) The format of the hash. 2) The wordlists. If you…
  • *Nice work, but it's kind of a spoiler as it gives away the exact exploit technique, removed - Arrexel*
    in Chatterbox Comment by UN1X00 May 2018
  • (Quote) I think you need to look at the tools you're using, or how you use the tools maybe provide different wordlists? I cracked the hashes in 32.2 seconds on a VM
  • (Quote) Yep - I noticed this twice the other day, someone reset the box and within 3 minutes of the reset has changed the password for the first user.
  • (Quote) Yeah, a possibility feel free to adapt my code to suit you.
    in fsociety Comment by UN1X00 May 2018
  • I finally got the user.txt. I now need root, looks like another few hours of frustration.
  • I'm a bit stuck now. I have access to the box via user, but I have found I don't have rights to read the user.txt...not sure where to go from here. :astonished:
  • (Quote) Oops, Sorry. https://github.com/un1x00/ZIPCracker
    in fsociety Comment by UN1X00 May 2018
  • (Quote) You should be fine then? You need to unzip the original zip, with the password "hackthebox" before you get the zip you should be attacking. I wrote this small python script to do the job for me: You can choose your own wordlist h…
    in fsociety Comment by UN1X00 May 2018
  • (Quote) Okay - I had found the service, just needed telling It was the correct one.
    in Poison Comment by UN1X00 May 2018
  • (Quote) Yes. I have unzipped - not sure what the interesting service is.
    in Poison Comment by UN1X00 May 2018
  • I am killing myself here - I'm reading all these comments, without saying to much can someone PM me some ideas on what I am looking for when it comes to root. I can the zip, but enumerating the sh*t out of this thing and cannot see this "servic…
    in Poison Comment by UN1X00 May 2018
  • I am starting to loose the will to live with this one. I have the user.txt but not the root.txt. I am unable to re-create my shell. I get an errors regarding a cleanup of image.php - I also have to contend with the machine being reset every 20 minut…
    in NIbbles Comment by UN1X00 May 2018
  • JOk3Rxvi, if you have the username and password then you should be able to use a known exploit to get a shell. I'm giving up for the evening on /root/root.txt - I just can't think anymore. :angry:
    in NIbbles Comment by UN1X00 May 2018
  • I’m in the same boat now, I have user and a reasonable shell. I just get kicked off every 3-4 mins by people restarting and I’m not sure yet how to get root.
    in NIbbles Comment by UN1X00 May 2018
Avatar

Howdy, Stranger!

Click here to create an account.